Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management

    In Florida, Data Breach, Offshore Outsourcing, CYA Collide

    Written by

    Larry Dignan
    Published March 27, 2006
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Governments never cease to amaze, and Florida is writing the handbook on how to spin a technology hot potato with more bad spin. Heres the formula: Take offshore outsourcing, add just a dash of potential identity theft and toss in the urge to cover your backside (CYA) to create one strange brew.

      The state of Florida notified 108,000 former and current employees that their files have been improperly sent offshore. The crime: Florida didnt know data was being sent offshore because its subcontractor had a subcontractor that went overseas.

      Lets read between the lines of Floridas warning to its current and former employees March 16:

      On February 3, 2006, the Department of Management Services (DMS) notified state employees that it was investigating allegations that GDXdata/Document Imaging—a U.S. company under subcontract with Convergys/People First!—may have offshored some of the work that Convergys hired it to do.

      OK, so to this point all we know is that Florida cant keep tabs on its vendors vendors. At last check, offshoring wasnt illegal.

      DMS has since uncovered evidence that GDXdata used two or more subcontractors in India to “index” personnel files. To date, DMS has received no reports of identity theft as a result of the offshore work.

      This is the first reference of offshoring and identity theft. Does one lead to another? Sure sounds it, but lets not jump the data breach gun.

      Tiffany Koenigkramer, a spokesperson for Floridas department of Management Services, denied that a data breach had occurred.

      “There has been no ID theft and no credit fraud,” she told eWEEKs Stan Gibson.

      So why mention the two together? Hmmm. Lets read on.

      The offshore work was completed almost two years ago (June 2004). Since June 2004, all indexing of state employee personnel records has been handled in Florida, in Convergys facilities. “Indexing” is the electronic labeling and filing of scanned documents. The “scanning” of personnel files, then and now, has been handled in Florida, in agency and Convergys facilities. The purpose of the scanning/indexing project is to eventually eliminate paper personnel files and to provide state employees secure, electronic access to their personnel records through People First!. Convergys has cooperated in the DMS investigation.

      Translation: DMS realized nearly two years ago that its offshoring of personnel records wasnt such a great political move.

      /zimages/7/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      It moved processing back to Florida and launched an investigation to deflect a barrage of criticism from unions and politicos looking for points.

      “Convergys and the state of Florida have a contract. There was a subcontract was between GDX and Convergys,” said Koenigkramer.

      Next Page: Subcontracting.

      Subcontracting

      The contract between Convergys and the state of Florida provided that all work was to be done in Florida, however, a subcontractor to GDX shipped some of the work to a subcontractor of its own in India.

      Based on the evidence today, the personnel records of employees, who worked for the state anytime between January 1, 2003 and June 30, 2004, may have been indexed overseas and therefore may be affected. Based on current evidence, the personnel records of employees who retired prior to January 1, 2003 and “benefit only users” of People First!—including legislative, university and court employees—are not affected. DMS will notify employees who are potentially affected by the end of next week.

      For employees who are potentially affected, DMS—in cooperation with Convergys/People First!—is providing assistance including a one-year credit protection program with credit alerts and identity theft coverage.

      If Koenigkramer said there was no data breach—and nothing indicates that directly in the e-mail were dissecting here—why bring up whos affected? Affected by what? Oh yeah, affected by offshore outsourcing.

      I suppose offshoring is worse than some worker leaving his laptop full of personal data in the back of an unlocked rental car.

      If you are a potentially affected employee and have concerns that this activity, which occurred almost two years ago, may impact you, a toll-free hotline (1-866-663-4735 press prompt 5) and an email address (PeopleFirst@dms.state.fl.us) have been set-up to answer your questions and to provide you information about the credit protection program.

      A call to that number yields a friendly rep that reads the letter to employees.

      /zimages/7/28571.gifTo read more about offshoring from columnist Jeff Angus, click here.

      Shes stumped when asked: Is the letter informing me that my files went offshore or that my data has been compromised? Silence. “It looks like its saying it went offshore,” she said.

      The next question: So is that inherently mean offshore is insecure? “It doesnt look like any information has been used,” she said.

      It is common today for businesses and even government to use offshore companies to provide customer services and to process medical, credit and financial records. However, the use of offshore services in this case was inappropriate and unacceptable. Convergys has cancelled their subcontract with GDXdata, and DMS is requiring Convergys to immediately ensure all other subcontractors are pre-screened, pre-approved by DMS and are legally obligated to meet all People First! security requirements.

      Here comes the CYA. The Florida is taking action and has to look like it is doing something about this outrageous offshore outsourcing.

      In the meantime, the state reassures you that there are no data security issues thus far. Confused yet?

      Again, even though there is no evidence that state employee personnel information has been compromised as a result of this overseas work, please take every possible precaution to protect yourself, your family and co-workers from identity theft. It is a good idea to check your credit report regularly. You may request a free credit report once every 12 months. Visit www.annualcreditreport.com or call toll-free 1-877-322-8228. And be sure to report any suspicions of potential identify theft to the proper authorities. For information on preventing identity theft and steps to take should you become a victim, visit the Florida Identity Theft Resource Center.

      Safeguarding your personal information is our highest priority. State agencies and the Department of Management Services will continue to work together to ensure that all state employee personal information remains secure and protected.

      Boy, thats a relief. Now if they can only find a better way to communicate that priority without confusing us.

      /zimages/7/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Larry Dignan
      Larry Dignan
      Larry formerly served as the East Coast news editor and Finance Editor at CNET News.com. Prior to that, he was editor of Ziff Davis Inter@ctive Investor, which was, according to Barron's, a Top-10 financial site in the late 1990s. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×